added a second dummy guard node

experiment-infra/guard/Dockerfile

@@ -1,4 +1,6 @@
 FROM debian:bookworm
 RUN apt update && apt -y install tor
+ARG BIND_ADDRESS="10.2.0.3"
 COPY ./torrc /etc/tor/torrc
-CMD [ "tor" ]
+RUN sed -i "s/{bind-address}/${BIND_ADDRESS}/" /etc/tor/torrc
+CMD [ "bash", "-c", "sleep 5; tor" ]

experiment-infra/guard/docker-compose.yml

@@ -1,17 +1,41 @@
 services:
-  wireguard:
+  wg-target:
     build: ../wireguard
     cap_add:
       - NET_ADMIN
     sysctls:
       - net.ipv4.conf.all.src_valid_mark=1
     secrets:
-      - wg-config
+      - source: wg-target
+        target: wg-config
 
-  guard:
+  wg-dummy:
-    build: ./
+    build: ../wireguard
-    network_mode: "service:wireguard"
+    cap_add:
+      - NET_ADMIN
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+    secrets:
+      - source: wg-dummy
+        target: wg-config
+  
+  target:
+    build:
+      dockerfile: ./Dockerfile
+      args:
+        BIND_ADDRESS: "10.2.0.3"
+    network_mode: "service:wg-target"
+
+  dummy:
+    build:
+      dockerfile: ./Dockerfile
+      args:
+        BIND_ADDRESS: "10.2.0.6"
+    network_mode: "service:wg-dummy"
 
 secrets:
-  wg-config:
+  wg-target:
-    file: ./wireguard.conf
+    file: ./wg-target.conf
+  
+  wg-dummy:
+    file: ./wg-dummy.conf

experiment-infra/guard/torrc

@@ -1,8 +1,6 @@
 AssumeReachable 1
 PublishServerDescriptor 0
-ORPort 10.2.0.3:443
+ORPort {bind-address}:443
 Nickname localtestrelay
 RelayBandwidthRate 1 MB
 RelayBandwidthBurst 2 MB
-# ORPort 10.2.0.3:443 NoAdvertise
-# Address 10.2.0.3

experiment-infra/guard/wg-dummy.conf

@@ -0,0 +1,10 @@
+[Interface]
+Address = 10.2.0.6/24
+PrivateKey = <censored>
+MTU = 1000
+
+[Peer]
+PublicKey = <censored>
+AllowedIps = 10.2.0.0/24
+Endpoint = vanrissenbeck.com:41415
+PersistentKeepalive = 10